From 33de45428770730c44856465c9c349e9165b9cf5 Mon Sep 17 00:00:00 2001
From: Zaharia Constantin <1303303+soulraven@users.noreply.github.com>
Date: Mon, 10 Jun 2024 13:09:40 +0300
Subject: [PATCH] testing permissions on workflow

---
 .github/workflows/publish_to_pypi.yml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/.github/workflows/publish_to_pypi.yml b/.github/workflows/publish_to_pypi.yml
index 7bcf65b..bee9c64 100644
--- a/.github/workflows/publish_to_pypi.yml
+++ b/.github/workflows/publish_to_pypi.yml
@@ -4,6 +4,9 @@ on:
   release:
     types: [ published ]
     branches: [ main ]
+permissions:
+  id-token: write
+  contents: write
 jobs:
   quality:
     runs-on: ubuntu-latest
@@ -126,3 +129,26 @@ jobs:
           gh release upload
           '${{ github.ref_name }}' dist/**
           --repo '${{ github.repository }}'
+  publish-to-testpypi:
+    name: Publish Python 🐍 distribution 📦 to TestPyPI
+    needs:
+      - build
+    runs-on: ubuntu-latest
+
+    environment:
+      name: testpypi
+      url: https://test.pypi.org/p/${{github.repo_name}}
+
+    permissions:
+      id-token: write  # IMPORTANT: mandatory for trusted publishing
+
+    steps:
+      - name: Download all the dists
+        uses: actions/download-artifact@v3
+        with:
+          name: python-package-distributions
+          path: dist/
+      - name: Publish distribution 📦 to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          repository-url: https://test.pypi.org/legacy/